United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
I nilid Stall-, l'atint and Trademark Office 

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. | FILING DATE | HRST NAMED INVENTOR | ATTORNEY DOCKET NO. | CONFIRMATION NO. 

10/788,515 02/27/2004 Paul M. Bird CA920030104US1 6895 

23373 7590 08/01/2008 I FXAMTNFR 

SUGHRUE MION, PLLC I examiner 

2100 PENNSYLVANIA AVENUE, N.W. lie.angelam 

SUITE 800 I 

WASHINGTON, DC 20037 I art unit 



PAPER NUMBER 



DELIVERY MODE 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



l/ffflrC? nVrliUli Otfff Iff ids y 


Application No. 

10/788,515 


Applicant(s) 
BIRD ET AL. 


Examiner 

ANGELA M. LIE 


Art Unit 

2163 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )KI Responsive to communication(s) filed on 22 May 2008 . 
2a )□ This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-24 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

Claim(s) is/are allowed. 

6) |EI Claim(s) P24 is/are rejected. 

7) 0 Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 27 February 2004 is/are: a)^ accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attach ment(s) 

1) ^| Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO/SB/08) 5 ) □ Notice of Informal Patent Application 

Paper No(s)/Mail Date . 6) □ Other: . 



PTOL-T26 d (Rev e 08-06r 



Office Action Summary 



Part of Paper No./Mail Date 20080730 



Application/Control Number: 10/788,515 
Art Unit: 2163 



Page 2 



DETAILED ACTION 

Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this 
title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a 
whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. 

2. Claim 1-4, 7, 9-12, 15, 17-20 and 23 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over McNabb et al (US Patent No. 6289462) in view of Umriet 
(US Patent No. 6704787). 

As to claims 1. 9 and 17. McNabb discloses a data processing system 
comprising a database (Figure 9, element 510), the database comprising classified 
table elements (column 18, lines 56-58), the data processing system coupled to a 
classification engine (Figure 9, element 504) adapted to provide indicators of approval 
or non approval to permit (column14, lines 19-26), for a request associated with a 
requestor (column14, lines 19-26), access to contents of the classified table elements 
(column 8, lines 41-45), a method for retrieving data from the classified table elements 
(column 18, lines 52-58), the method comprising the steps of: receiving the request 
(Figure 9, element 502) at the database (Figure 9, element 510, wherein granted 
requests will be forwarded to the database so that the desired data can be uploaded by 
the requesting party), from the requestor (Figure 9, element 500), to access the 
contents of the classified table elements (column 8, lines 11-15); for each classified 
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table element, the database (510) asking the classification engine (504) to provide an 
indication of whether the requestor associated with the request is to be permitted 
access to the contents of the respective classified table element (if request is forwarded 
to the database, it means that the access was granted, the database requires confirmed 
request in order to provide the access to the data, i.e. the database is asking for the 
identification information); and accessing the contents of each classified engine, the 
approval indicators indicating that the requestor is permitted to access the contents of 
the respective classified table element (column 14, lines 56-67, and column 15, lines 1- 
28); wherein the asking step comprises sending, by the database (Figure 9, element 
510), arguments to input classification parameters (Figure 9, reply (SL2), wherein when 
a request (SL2) is issued to the database, the database replies (i.e. SL2)), furthermore, 
due to confusion over the phrase "classification parameters" as described above, the 
Examiner assumes that the reply comprising data requested by a user can be 
equivalent to classification parameters (i.e. returned data has been classified)) to the 
classification engine (Figure 9, element 504) coupled to the data processing system 
(Figure 9, element 510). McNabb does not explicitly teach the data processing system 
being external to a classification engine and that user can directly access the database, 
however Umbreit teaches an authentication system external to the database (Figure 1, 
elements 18 and 20 respectively) wherein a user (Figure 1, element 10) can directly 
access the database (Figure 1 , element 20), and then database (20) can verify user's 
access rights with the authentication unit (18), if the user is permitted to access 
requested data, the corresponding pages are displayed to the user. It would have been 
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obvious to one of the ordinary skill in the art at the time the invention was made to have 
external authentication unit, as taught by Umbreit, instead of having database and 
verification unit integrated into one device as taught by McNabb's, because this would 
allow multiple databases to share one authentication unit, thus it would be relatively 
inexpensive solution. Furthermore it would also has been obvious to one of ordinary skill 
in the art at the time the invention was made to access the database directly before 
authorizing the access because the database could first verify if the requested 
information is still present in the storage, thus it would eliminate unnecessary 
verifications, finally saving resources and time. 

As to claims 2, 10 and 18 , McNabb discloses the method comprising the steps 
of: providing to the requestor, access to the contents of each classified table element for 
which an approval indicator is received; and, denying, to the requestor, access to the 
contents of each classified table element for which a non-approval indicator is received 
from the classification engine, the non-approval indicator indicating that the requestor is 
not permitted to access the contents of the respective classified table element (column 
14, lines 49-67, and column 15, lines 1-28). 

As to claims 3, 11 and 19 , McNabb discloses the method wherein: the classified 
table elements are included in a classified table contained in the database (column 18, 
lines 52-58); each classified table element is associated with a respective classification 
label (column 14, lines 49-54); and the classification engine (Figure 9, element 504) 
uses the classification label for each classified table element and a classification 
associated with the requestor in determining whether to provide the approval indicator 
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and whether to provide the non-approval indicator for the respective classified table 
element (column 14, lines 19-26). 

As to claims 4, 12 and 20 , McNabb discloses the method wherein the classified 
table element is a classified table row (column 18, lines 55-58). 

As to claims 7, 15 and 23 , McNabb discloses the method wherein in the asking 
step, the classification engine (Figure 9, element 504) is invoked through at least one 
processing exit (Figure 9, element 502) in the data processing system (Figure 9, 
element 500). 

3. Claims 5, 6, 13, 14, 21 and 22 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McNabb et al in the view of Umbreit and further in view of 
Tashenberq (US Publication 2001/0034711) . 

As to claims 5, 13 and 21 , McNabb teaches the method further comprising the 
executable instructions comprising added instructions for invoking the classification 
engine such that for each row of the classified table (column 18, lines 56-58), 
arguments for at least one classification parameter are passed to the classification 
engine (Figure 9, element 504) for use in generating one of the approval indicator and 
non-approval indicator for the respective row (column 14, lines 19-26 and lines 49-54), 
where the arguments comprise both data stored in one or more classification columns 
of the table (i.e. data that is about to be accessed) and data used to determine the 
classification associated with the requestor (column 14, lines 19-26, i.e. SL (sensitivity 
label)). Neither McNabb nor Umbreit explicitly teaches that the original request is 
compiled into executable instructions. Tashenberg teaches a network system wherein 
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request is converted into machine executable instructions (paragraph 92). It would have 
been obvious to one of the ordinary skill in the art during the time the invention was 
made to compile the request into machine executable instruction as taught by 
Tashenberg, and use this in McNabb's secure computer operating system, because 
compiling the massages or requests into computer readable instruction is commonly 
known and used. Furthermore compiling step is essential in the system operation 
because the interface that allows the user to request access to certain data is in a 
human friendly readable form, not in a computer language (binary code), and therefore 
it needs to be converted to allow computer to process the instructions. 

As to claims 6, 14 and 22, McNabb discloses the method wherein the 
classification engine (Figure 9, element 504) is adapted to generate the indicators 
(column 14, lines 19-26, i.e. SL) using a classification level derived from data stored in 
the at least one classification column of each respective row (column 18, lines 52-58) in 
accordance with a column mapping schema (i.e. the information about the access are 
derived from the ID and many other criteria, Figure 10). 
4. Claims 8, 16 and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McNabb et al in the view of Umbreit and further in view of 
Hepworth et al (US Publication 2006/0032920) . McNabb teaches all the limitations 
disclosed in claims 1 ,9 and 1 7 respectively, further he also teaches checking for each 
classified table element, whether decision contains one of an approval indicator and 
non-approval indicator associated therewith, and wherein the asking step is performed 
only when neither indicator is contained in the decision unit (Figure 9, element 504; 



Application/Control Number: 10/788,515 Page 7 

Art Unit: 2163 

since McNabb does not teach processing multiple requests from the same user at one 
point of time, it also indicates that when one request is processed, the asking step is 
held). McNabb does not teach explicitly that the decision about access approval is 
contained in cache. Hepworth teaches the system wherein authorization information is 
stored in a local cache. It would have been obvious to one of the ordinary skill in the art 
during the time the invention was made to store the approval status temporarily in cache 
memory as taught by Hepworth, in McNabb's access security system, because it is well 
known in the art, that temporary information such as approval are stored for short period 
of time in cache or RAM because usually there is no need to store the authentication 
data on the hard disk. Furthermore in order to complete the transaction the response 
has to be placed in the memory that allows fast process between the requesting and 
processing units. 

Response to Arguments 

5. Applicant's arguments with respect to claims 1 , 9 and 17 have been considered 
but are moot in view of the new grounds of rejection. 

6. With respect to argument on page 12, addressing objection of the phrase "input 
classification parameters". The Applicant's argument is persuasive, hence the objection 
has been withdrawn. 
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The Prior Art 

7. The prior art made of record and not relied upon is considered pertinent to 

applicant's disclosure. 

Zotto et al (US Publication 2004/0009815) disclose a managing access 
to content wherein the access to individual pieces of information is 
controlled. 

Larsen (US Publication 2005/0055581 ) discloses a process-based 
security comprising access rights look-up table. 



Inquiry 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Angela M. Lie whose telephone number is 571-272- 
8445. The examiner can normally be reached on M-F. 

9. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Don Wong can be reached on 571-272-1834. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 



Application/Control Number: 10/788,515 Page 9 

Art Unit: 2163 

10. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Hung T Vy/ 

Primary Examiner, Art Unit 2163 

/Angela M Lie/ 
Examiner, Art Unit 2163 



